Adding CAPTCHA verification to Pligg

[thinguy]

Anyone know how CAPTCHA could be added to the submit process?

[incode]

How secure is the current captcha used by Pligg? It looks pretty basic to me. Is there any easy way to change to a more complex image?

[dollars5]

Quote:

Originally Posted by thinguy

Anyone know how CAPTCHA could be added to the submit process?

We have added by playing around with the tpl files, but we do plan to release as a module sooner.

Currently we have capchas for Registration, Submitting stories. (We did not intend to have it for comments as it would make peoples life a mess in our sites, even the story submission we plan to remove if it gets negative feedback - but Digg does have this)

Regards,
Dollars5.

[dollars5]

phpBB's captchas (a mod called Better Captcha is even better) and we plan to use it for Pligg, but no work in these areas will be done by us till Monday, if anyone wants to begin it before that - Good!

References:
Check our community site for a workin demo for Better Captchas (phpBB) - http://dollars5.com/munity/profile.p...er&agreed=true

phpBB better captcha code and link: http://www.phpbb.com/phpBB/viewtopic.php?t=473222

It uses alpha numeric code and uses font files for captcha displays, instead of all numbers only thing we currently have.

[dollars5]

A temporary solution would be is to do the following modifications:
1] open submit_empty_submit_form.tpl before

Code:

<input type="text" name="url" id="url" value="http://" size=55 class="form-full" />

add the following lines

Code:

<input type="hidden" name="ts_random" value="{$submit_rand}" /><br />
		<img src="{$my_pligg_base}/ts_image.php?ts_random={$submit_rand}" class="ch2" />
		<p><input type="text" size="20" name="ts_code" /><br /><br />

2] Open submit.php, in function do_submit1(); before

Code:

if($url == "http://" || $url == ""){
		if(Submit_Require_A_URL == false){$linkres->valid = true;}else{$linkres->valid = false;}
	}

add

Code:

if (!ts_is_human()) {
		$main_smarty->assign('register_error_text', "badcode");
		$main_smarty->display($the_template . '/register_error.tpl');
		return;
	}

This uses the same register_error.tpl files - should need another type of display, edit or forward accordingly.

[richrf]

Hi all,

The WordPress community, by-and-large, has decided that Captchas are not a viable approach to stopping bots and other spam engines. They have gone with the Akismet database approach, which seems to work very well on Links.com. Of course, with Akismet, there must be a way to moderate/delete/accept comments that Akismet has flagged. This might be a viable long term approach. Second to Akismet, a Bad Behavior approach also seems to work well, though I think Akismet is the best first line defense, since Bad Behavior is known to lock out legitimate users (it once locked me out of my own site).

I am right now working out the plans for using Pligg for Links.com, and spam control is one of my top items on my list, since Links does get some heavy spam volume.

Rich

[dollars5]

Those are good - but are in early stages and are not yet very complete protection, but many sites (including Digg) is dependent on Capchas.

[dollars5]

A better captcha implementation is provided at http://www.pligg.com/forum/showthread.php?p=20582

[meandean]

Quote:

Originally Posted by richrf

Hi all,

The WordPress community, by-and-large, has decided that Captchas are not a viable approach to stopping bots and other spam engines. They have gone with the Akismet database approach, which seems to work very well on Links.com. Of course, with Akismet, there must be a way to moderate/delete/accept comments that Akismet has flagged. This might be a viable long term approach. Second to Akismet, a Bad Behavior approach also seems to work well, though I think Akismet is the best first line defense, since Bad Behavior is known to lock out legitimate users (it once locked me out of my own site).

I am right now working out the plans for using Pligg for Links.com, and spam control is one of my top items on my list, since Links does get some heavy spam volume.

Rich

I agree - Akismet would be the way to go - especially as many Pligg implementations are by and for bloggers whom currently enjoy the benefits of Akismet.

[RockBottom]

How do you turn this feature on? I'm starting to get spam